Lucene search
K

Vulnerabilities fixed in Adobe ColdFusion

🗓️ 10 Dec 2025 13:34:08Reported by NCSCType 
ncsc
 ncsc
🔗 advisories.ncsc.nl👁 9 Views

Adobe ColdFusion fixes for unauthorized code execution and data access via file uploads and input validation.

Related
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2025-61821
9 Dec 202523:41
attackerkb
ATTACKERKB
CVE-2025-61813
9 Dec 202523:41
attackerkb
Adobe
APSB25-112 : Security update available for Adobe Pass
11 Nov 202500:00
adobe
BDU FSTEC
The vulnerability of the tools for securing access to Adobe Pass Authentication Android SDK lies in authentication mechanism flaws, allowing attackers to circumvent existing security restrictions.
1 Dec 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the ColdFusion software platform lies in the improper limitation of XML references to external objects, which allows attackers to disclose protected information.
10 Dec 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the ColdFusion software platform lies in the improper limitation of XML references to external objects, which allows attackers to disclose protected information.
10 Dec 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the ColdFusion software platform, related to insufficient validation of input data, allows attackers to write arbitrary files into the system.
10 Dec 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the ColdFusion software platform, related to errors in access control, allows attackers to escalate their privileges.
10 Dec 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the ColdFusion software platform lies in the improper limitation of XML references to external objects, which allows attackers to disclose protected information.
10 Dec 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the ColdFusion software platform, related to insufficient validation of input data, allows attackers to execute arbitrary code.
10 Dec 202500:00
bdu_fstec
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

10 Dec 2025 13:34Current
7.3High risk
Vulners AI Score7.3
CVSS 46.9
CVSS 3.19.1
EPSS0.08453
SSVC
9